Sandbox

Another useful feature of Templates is that it operates within a controlled sandbox where each TemplateContext instance is
isolated and defines the entire execution environment on which Templates are executed within as such it should be safe to run
Templates from untrusted 3rd Party sources as they're confined to what's available within their allowed TemplateContext instance.

If running a template from an untrusted source we recommend running them within a new TemplateContext instance so they're
kept isolated from any other TemplateContext instance. Context's are cheap to create, so there won't be a noticeable delay when
executing in a new instance but they're used to cache compiled lambda expressions which will need to be recreated if executing Templates
in new TemplateContext instances. For improved performance you can instead have all untrusted templates use the same
TemplateContext instance that way they're able to reuse compiled expressions.

Remove default filters

If you want to start from a clean slate, the default filters can be removed by clearing the TemplateFilters collection:

context.TemplateFilters.Clear();

Disabling adhoc Filters

Or if you only want to disable access to some filters without removing them all, you can disable access to adhoc filters
by adding to the ExcludeFiltersNamed collection:

Filters can also be disabled on an individual PageResult by populating its ExcludeFiltersNamed collection.

Instance creation and MaxQuota

The only instances that can be created within templates are what's allowed in
JavaScript Literals and the
Generation and Repeating Filters. To limit any potential CPU and GC abuse any default filters
that can generate instances are limited to a MaxQuota of 10000 iterations. This quota can be modified with: